Wireshark mailing list archives

Re: Extracting payload from ethernet dumps

From: Simon Greifswald <edtfatr-ah () web de>
Date: Tue, 28 Sep 2010 12:35:12 +0200

Am Montag, 27. September 2010, 17:09:25 schrieb Estanislao Gonzalez:

not completely sure, but I think "tcpdump -r file" will read from your
file and dump some basic information.

You could rewrite it (I think) with -w new_file dumping only what you need.

Anyway, you should definitely check the man page of tcpdump (or online
help if not in linux)


Thanks for answering.
tcpdump -w only strips link layer headers from the packets and tcpdump does 
not provide for other manipulation functions.

Armin
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

Extracting payload from ethernet dumps Simon Greifswald (Sep 27)
- Re: Extracting payload from ethernet dumps Estanislao Gonzalez (Sep 27)
  - Re: Extracting payload from ethernet dumps Simon Greifswald (Sep 28)
- Re: Extracting payload from ethernet dumps Tim.Poth (Sep 27)
- Re: Extracting payload from ethernet dumps Sake Blok (Sep 29)